Hey, I'm trying to delete "my" logged in user by using a rpc call to a stored procedure / function. I'm not sure how to do the workaround to allow the action from client. I know the docs says that this is an action that requires a backend call with service_key, but I don't have any other running backends for my project. I've tried the following: - Set role to

service_role

- Grant usage on schema with

authenticated

- Create policy on `auth.users`for delete to

authenticated

My response:

message: 'permission denied for table users',
code: '42501',

Any suggestions or other workarounds? 👼 My latest attempt:

create or replace function cleanup_user ()
  returns boolean
  language plpgsql
  as
  $$
    begin
      SET ROLE TO service_role;
      delete from auth.users where id = auth.uid();
      return true;
    end;
  $$

Hello @Certinax! This thread has been automatically created from your message in #843999948717555735 a few seconds ago. We have already mentioned the @User so that they can see your message and help you as soon as possible! Want to unsubscribe from this thread? Right-click the thread in Discord (or use the ``...`` menu) and select "Leave Thread" to unsubscribe from future updates. Want to change the title? Use the ``/title`` command! We have solved your problem? Click the button below to archive it.

You would have to make your function security definer type to work with auth.users table. BUT just deleting the row from auth.users may not be enough. You probably need to look thru the gotrue code to see what is involved. It is normally not a good idea to deal with auth schema directly. I suspect the identity table is handled by foreign key delete, but you will orphan tokens in the refresh_tokens table. Also anyone can call your rpc function and what is saving you is auth.uid in this specific case so you might be safe from attack.

Alright, thanks for the clarification. I did this as a simple poc attempt - not as a production valid solution but thanks for the heads up! I will definitely look in the edge functions instead, looks like it would be a better fit for this use case. Thank you!